Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20250407164048.GB2399468@igalia.com>
Date: Mon, 7 Apr 2025 16:40:48 +0300
From: Adrian Perez de Castro <aperez@...lia.com>
To: webkit-gtk@...ts.webkit.org, webkit-wpe@...ts.webkit.org
Cc: security@...kit.org, oss-security@...ts.openwall.com
Subject: WebKitGTK and WPE WebKit Security Advisory WSA-2025-0003

------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory                 WSA-2025-0003
------------------------------------------------------------------------

Date reported           : April 07, 2025
Advisory ID             : WSA-2025-0003
WebKitGTK Advisory URL  : https://webkitgtk.org/security/WSA-2025-0003.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2025-0003.html
CVE identifiers         : CVE-2024-54551, CVE-2025-24208,
                          CVE-2025-24209, CVE-2025-24213,
                          CVE-2025-24216, CVE-2025-24264,
                          CVE-2025-30427.

Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.

CVE-2024-54551
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to ajajfxhj.
    Impact: Processing web content may lead to a denial-of-service.
    Description: The issue was addressed with improved memory handling.
    WebKit Bugzilla: 275117

CVE-2025-24208
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara.
    Impact: Loading a malicious iframe may lead to a cross-site
    scripting attack. Description: A permissions issue was addressed
    with additional restrictions.
    WebKit Bugzilla: 286381

CVE-2025-24209
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to Francisco Alonso (@revskills), and an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected process crash. Description: A buffer overflow issue was
    addressed with improved memory handling.
    WebKit Bugzilla: 286462

CVE-2025-24213
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to Google V8 Security Team.
    Impact: A type confusion issue could lead to memory corruption.
    Description: This issue was addressed with improved handling of
    floats. Note that this CVE is fixed only on ARM architectures.
    x86_64 is not vulnerable, x86 is not vulnerable when the SSE2
    instruction set is enabled; but other architectures remain
    vulnerable.
    WebKit Bugzilla: 286694

CVE-2025-24216
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to Paul Bakker of ParagonERP.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 284055

CVE-2025-24264
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to Gary Kwong, and an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 285892

CVE-2025-30427
    Versions affected: WebKitGTK and WPE WebKit before 2.48.1.
    Credit to rheza (@ginggilBesel).
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: A use-after-free issue was
    addressed with improved memory management.
    WebKit Bugzilla: 285643

We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.

Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security.

The WebKitGTK and WPE WebKit team,

Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.